Timelock duration on upgrades

Beefy Finance's assessment for RD-F-032 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No standalone protocol-level governance timelock (timelock_address=null in cache). The only delay is a vault-level 6-hour approvalDelay (21,600 seconds) embedded in each BeefyVaultV7 for strategy switches via upgradeStrat(). This vault-level delay is NOT a classical TimelockController. It does not apply to panic(), inCaseTokensGetStuck(), fee config changes, keeper changes, or any non-strategy-switch actions.

Sources #

Internal
Beefy data cache — governance timelock fields00-data-cache.json governance.timelock_address=null, governance.timelock_delay_seconds=nullretrieved 2026-05-16
GitHub
BeefyVaultV7.sol — upgradeStrat() timelock implementationBeefyVaultV7.sol upgradeStrat(): require(stratCandidate.proposedTime + approvalDelay < block.timestamp)retrieved 2026-05-16
Docs
Beefy Contracts and Timelocks Documentation6-hour timelock is configured for all strategy changes and upgradesretrieved 2026-05-16

Methodology #

Read the timelock delay (in hours) between a queued upgrade proposal and its executable state.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol beefy factor RD-F-032 score yellow collected_at 2026-05-16 13:10:30